1. Field of the Invention
The invention relates to a method for processing messages in a communication network comprising a plurality of network nodes, and to a corresponding communication network and a corresponding network node.
2. Description of the Related Art
It is known to provide test information for messages transmitted in a communication network. For example, by means of a CRC (cyclic redundancy check) it is possible to determine whether the data of a message has been changed during transmission as a result of transmission errors. It is also known to provide cryptographic checksums for messages, where it is possible for these checksums to be generated using a hidden input. By this means, it can be ensured that only the message which possesses the cryptographic hidden input can generate a verifiable checksum, which makes it possible to counteract the unauthorized transmission of messages in a communication network. By means of the cryptographic checksums, it is also possible to determine whether unauthorized manipulation of the message by an attacker has occurred.
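The difference between the two kinds of test information described above can be shown in a short added example, which is not part of the original document. It assumes CRC-32 as the error-detecting code and HMAC-SHA256 as the cryptographic checksum; the key, the sample command strings and all function names are constructed for illustration.

```python
import hashlib
import hmac
import zlib

KEY = b"constructed-demo-key"  # the "hidden input" (assumed shared secret)

def frame_crc(payload: bytes) -> bytes:
    """Append a CRC-32: detects transmission errors, needs no secret."""
    return payload + zlib.crc32(payload).to_bytes(4, "big")

def check_crc(frame: bytes) -> bool:
    if len(frame) < 4:
        return False
    payload, tag = frame[:-4], frame[-4:]
    return zlib.crc32(payload).to_bytes(4, "big") == tag

def frame_mac(payload: bytes, key: bytes = KEY) -> bytes:
    """Append an HMAC-SHA256 tag: only a holder of the key can produce it."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()

def check_mac(frame: bytes, key: bytes = KEY) -> bool:
    if len(frame) < 32:
        return False
    payload, tag = frame[:-32], frame[-32:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)  # constant-time comparison

def flip_bit(data: bytes, index: int) -> bytes:
    # Simulate a single-bit transmission error in byte `index`.
    out = bytearray(data)
    out[index] ^= 0x01
    return bytes(out)

def demo() -> dict:
    command = b"VALVE_7:CLOSE"   # constructed sample control message
    altered = b"VALVE_7:OPEN"    # same message changed by a party without KEY
    return {
        "crc_ok": check_crc(frame_crc(command)),
        "crc_bit_error": check_crc(flip_bit(frame_crc(command), 3)),
        # A CRC needs no secret, so a changed message with a fresh CRC verifies.
        "crc_altered": check_crc(frame_crc(altered)),
        "mac_ok": check_mac(frame_mac(command)),
        "mac_bit_error": check_mac(flip_bit(frame_mac(command), 3)),
        # Reusing the old tag or tagging with a different key both fail.
        "mac_altered": check_mac(altered + frame_mac(command)[-32:]),
        "mac_wrong_key": check_mac(frame_mac(altered, b"guessed-key")),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Both checks catch the bit error, but only the keyed checksum rejects the altered message, at the cost of a hash computation per verification.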
Although the use of test information during the transmission of messages in a communication network enables effective protection against attacks, it has the disadvantage that, in order to verify the test information, it is normally necessary to perform time-consuming cryptographic operations that delay the continuing processing of the message. This is of relevance in communication networks for automation systems in particular, in which commands, or control instructions, are given to networked devices of the automation system via the messages. These commands are often time-critical, i.e., they may only be executed with a slight delay, as otherwise malfunctions in the operation of the automation system can occur.
A method for reversing a configuration change coupled to proof of authorization and executed in a control device is described in the published document DE 10 2007 040 094 B4. This method enables the configuration change to be reversed if the authorization message is subsequently countermanded.
A method for processing messages in a message processing device, where a priority with regard to the security check of the corresponding message is defined based on the content of that message, is described in the published document DE 10 2007 053 255 A1.